[20993] in bugtraq
Re: (forw) rsh bufferoverflow on AIX 4.2
daemon@ATHENA.MIT.EDU (Troy Bollinger)
Tue Jun 12 20:42:08 2001
Date: Tue, 12 Jun 2001 12:02:50 -0500
From: Troy Bollinger <troy@austin.ibm.com>
To: ymc@iss.com.tw
Cc: bugtraq@securityfocus.com
Message-ID: <20010612120250.B11374@austin.ibm.com>
Mail-Followup-To: ymc@iss.com.tw, bugtraq@securityfocus.com
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Quoting ymc@iss.com.tw:
> From: "ox" <ymc@iss.com.tw>
> To: <bugtraq@securityfocus.com>
> Subject: rsh bufferoverflow on AIX 4.2
> Date: Tue, 12 Jun 2001 11:40:20 +0800
> Message-ID: <NFBBLJDKGKGPELLLMCNEOELICAAA.ymc@iss.com.tw>
> X-Mailer: Microsoft Outlook IMO, Build 9.0.2416 (9.0.2910.0)
>
> Hello bugtraq,
>
> I am sorry if the problem had been found before, that is
> bufferoverflow what I found both /usr/bin/rsh and
> /usr/lpp/ssp/rcmd/bin/rsh.
>
Hi,
Based on the gdb session you've gave, it appears that this is the same
vulnerability as reported to bugtraq back in 1996. It can be fixed by
applying one of the following APARs:
Abstract: buffer overflow in gethostbyname()
3.2 APAR: IX60927
4.1 APAR: IX61019
4.2 APAR: IX62144
If you have further questions regarding this vulnerability or other AIX
security issues, you can reach the AIX security team at:
mailto:security-alert@austin.ibm.com
--
Troy Bollinger <troy@austin.ibm.com>
Network Security Analyst
PGP keyid: 1024/0xB7783129
Troy's opinions are not IBM policy
